Triggers appEngine的app.yaml中的Gcloud build trigger环境变量替换
我试图用云构建触发器替换app.yaml中的变量Triggers appEngine的app.yaml中的Gcloud build trigger环境变量替换,triggers,yaml,gcloud,app.yaml,Triggers,Yaml,Gcloud,App.yaml,我试图用云构建触发器替换app.yaml中的变量 steps: - name: node:10.15.1 entrypoint: npm args: ["install"] - name: 'gcr.io/cloud-builders/gcloud' entrypoint: bash args: - '-c' - | sed -i 's/%
steps:
- name: node:10.15.1
entrypoint: npm
args: ["install"]
- name: 'gcr.io/cloud-builders/gcloud'
entrypoint: bash
args:
- '-c'
- |
sed -i 's/%SESSION_SECRET%/'${_SESSION_SECRET}'/g' app.yaml
timeout: "1600s"
我在构建触发器中添加了替换变量
steps:
- name: node:10.15.1
entrypoint: npm
args: ["install"]
- name: 'gcr.io/cloud-builders/gcloud'
entrypoint: bash
args:
- '-c'
- |
sed -i 's/%SESSION_SECRET%/'${_SESSION_SECRET}'/g' app.yaml
timeout: "1600s"
将环境变量添加到app.yaml中,使用构建触发器变量可以轻松替换环境变量。像这样:
env_variables:
SECRET_KEY: %SECRET_KEY%
在cloudbuild.yaml中添加一个步骤,用构建触发器中的值替换app.yaml中的所有%XXX%变量
steps:
- name: node:10.15.1
entrypoint: npm
args: ["install"]
- name: 'gcr.io/cloud-builders/gcloud'
entrypoint: bash
args:
- '-c'
- |
sed -i 's/%SESSION_SECRET%/'${_SESSION_SECRET}'/g' app.yaml
timeout: "1600s"
问题在于Gcloud生成会引发异常:
Already have image (with digest): gcr.io/cloud-builders/gcloud
bash: _L/g: No such file or directory
为什么??如何替换我的app.yaml
我有一个app.yaml到项目根目录,与cloudbuild.yaml处于同一级别
已更新
我正在尝试使用以下命令在本地构建和调试gcloud:
sudo cloud-build-local --config=cloudbuild.yaml --write-workspace=../workspace --dryrun=false --substitutions=_SESSION_SECRET=test --push .
当我查看app.yaml文件时,替换按预期工作,没有任何例外
gcloud构建环境有什么区别?入口点应该是一个可执行文件,使用
/bin/bash
或/bin/sh
如何检查图像内部(一般):
$docker pull gcr.io/cloud-builders/gcloud
使用默认标记:最新
最新版本:从cloud builders/gcloud获取
...
$docker图像
创建的存储库标记图像ID大小
gcr.io/cloud-builders/gcloud最新版本8499764c4ef6大约一小时前4.01GB
$docker run-ti--entrypoint'/bin/bash'8499764c4ef6
root@60354dfb588a:/#
您可以在那里测试您的命令,而无需每次都将其发送到Cloud Build。好的,我最终决定使用github操作而不是google Cloud触发器 因为谷歌云触发器无法找到自己的app.yaml并自行管理这个奇怪的环境变量 以下是操作方法:
1. Create a new Google Cloud Project (or select an existing project).
2. Initialize your App Engine app with your project.
[Create a Google Cloud service account][sa] or select an existing one.
3. Add the the following Cloud IAM roles to your service account:
App Engine Admin - allows for the creation of new App Engine apps
Service Account User - required to deploy to App Engine as service account
Storage Admin - allows upload of source code
Cloud Build Editor - allows building of source code
[Download a JSON service account key][create-key] for the service account.
4. Add the following [secrets to your repository's secrets][gh-secret]:
GCP_PROJECT: Google Cloud project ID
GCP_SA_KEY: the downloaded service account key
我的环境:
应用程序引擎,
标准(非弹性),
Nodejs Express应用程序,
postgresqlcloudsql
首先设置:
1. Create a new Google Cloud Project (or select an existing project).
2. Initialize your App Engine app with your project.
[Create a Google Cloud service account][sa] or select an existing one.
3. Add the the following Cloud IAM roles to your service account:
App Engine Admin - allows for the creation of new App Engine apps
Service Account User - required to deploy to App Engine as service account
Storage Admin - allows upload of source code
Cloud Build Editor - allows building of source code
[Download a JSON service account key][create-key] for the service account.
4. Add the following [secrets to your repository's secrets][gh-secret]:
GCP_PROJECT: Google Cloud project ID
GCP_SA_KEY: the downloaded service account key
app.yaml
runtime: nodejs14
env: standard
env_variables:
SESSION_SECRET: $SESSION_SECRET
beta_settings:
cloud_sql_instances: SQL_INSTANCE
然后是github操作
name: Build and Deploy to GKE
on: push
env:
PROJECT_ID: ${{ secrets.GKE_PROJECT }}
DATABASE_URL: ${{ secrets.DATABASE_URL}}
jobs:
setup-build-publish-deploy:
name: Setup, Build, Publish, and Deploy
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
- uses: actions/setup-node@v2
with:
node-version: '12'
- run: npm install
- uses: actions/checkout@v1
- uses: ikuanyshbekov/app-yaml-env-compiler@v1.0
env:
SESSION_SECRET: ${{ secrets.SESSION_SECRET }}
- shell: bash
run: |
sed -i 's/SQL_INSTANCE/'${{secrets.DATABASE_URL}}'/g' app.yaml
- uses: actions-hub/gcloud@master
env:
PROJECT_ID: ${{ secrets.GKE_PROJECT }}
APPLICATION_CREDENTIALS: ${{ secrets.GCLOUD_AUTH }}
CLOUDSDK_CORE_DISABLE_PROMPTS: 1
with:
args: app deploy app.yaml
要将机密添加到git hub操作中,您必须转到:设置/机密
请注意,我可以用bash脚本处理所有替换。因此,我不会依赖github项目“ikuanyshbekov/app yaml env”-compiler@v1.0"
遗憾的是,GAE并没有提供一种处理app.yaml环境变量的最简单方法。我不想使用KMS,因为我需要更新beta设置/云sql实例。。我真的需要在app.yaml中替换所有内容
这样,我就可以针对正确的环境采取特定的行动,并管理这些秘密。我根据您的建议更新了我的问题。看看我的测试结果。谢谢我不清楚你们在问什么,Cloud Build是一个非常通用的工具,因为我正试图用cloudbuild.yaml让我的替代品在gcloud Build上工作。当我在本地调试时,我没有得到异常“没有这样的文件或目录”,很明显,您在这里是反模式的。您可以使用app.yaml和cloudbuild.yaml设置环境变量。反模式要求在构建时使用
sed
进行替换。好的,我将尝试直接在app.yaml的ENV_VAR:from中设置替换。如果它能像那样工作,那就太简单了。